﻿<%@ Page Language="C#" AutoEventWireup="true" CodeFile="script_inj.aspx.cs" Inherits="script_inj" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
    <title>无标题页</title>
</head>
<body>
    <form id="form1" runat="server">
    <div>
        <asp:SqlDataSource ID="SqlDataSource1" runat="server" ConnectionString="<%$ ConnectionStrings:DB %>"
            DeleteCommand="DELETE FROM [users] WHERE [uid] = @uid" InsertCommand="INSERT INTO [users] ([uid], [name], [email]) VALUES (@uid, @name, @email)"
            SelectCommand="SELECT [uid], [name], [email] FROM [users]" UpdateCommand="UPDATE [users] SET [name] = @name, [email] = @email WHERE [uid] = @uid">
            <DeleteParameters>
                <asp:Parameter Name="uid" Type="String" />
            </DeleteParameters>
            <UpdateParameters>
                <asp:Parameter Name="name" Type="String" />
                <asp:Parameter Name="email" Type="String" />
                <asp:Parameter Name="uid" Type="String" />
            </UpdateParameters>
            <InsertParameters>
                <asp:Parameter Name="uid" Type="String" />
                <asp:Parameter Name="name" Type="String" />
                <asp:Parameter Name="email" Type="String" />
            </InsertParameters>
        </asp:SqlDataSource>
        <asp:GridView ID="GridView1" runat="server" AutoGenerateColumns="False" DataKeyNames="uid"
            DataSourceID="SqlDataSource1">
            <Columns>
                <asp:CommandField ShowEditButton="True" />
                <asp:BoundField DataField="uid" HeaderText="uid" ReadOnly="True" SortExpression="uid" />
                <asp:BoundField DataField="name" HeaderText="name" SortExpression="name" />
                <asp:BoundField DataField="email" HeaderText="email" SortExpression="email" />
            </Columns>
        </asp:GridView>
    
    </div>
    </form>
</body>
</html>
